NOTE:You must install the Advanced Authentication Device Service for the PKI method enrollment.
To enroll a PKI, perform the following steps:
Insert a card or plug in a crypto stick to your machine.
Enter a PIN code.
IMPORTANT:The PKI method supports the 1:N feature. The user name will be detected automatically by the Advanced Authentication. You can authenticate by pressing CTRL+ALT+DEL and then plugging in your PKI device.
If you get the error Wrong card, the authenticator that is used is incorrect. Repeat with another card or crypto stick or re-enroll the authenticator in Self-Service Portal or contact the helpdesk.If you get the error Present card, ensure that the PKI device is properly connected. Try to connect it to a different USB slot.If you get the error <Your user name> has no authenticator for PKI, you need to go to the Self-Service Portal to enroll the authenticator or contact the helpdesk.
NOTE:In a scenario where you leave a card on the reader or a crypto stick connected, and once you log in you can lock the operating system automatically even if you take off the card from the reader or unplug your crypto stick (if it is configured by the system administrator). Then you can place a card back to the reader or plug your crypto stick to unlock the operating system.
You must put the card again to the reader to unlock the operating system. Advanced Authentication does not support locking or unlocking an operating system by tapping a card.